1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define N_IOVEC_META_FIELDS 17
74 #define ENTRY_SIZE_MAX (1024*1024*32)
76 typedef enum StdoutStreamState {
77 STDOUT_STREAM_IDENTIFIER,
78 STDOUT_STREAM_UNIT_ID,
79 STDOUT_STREAM_PRIORITY,
80 STDOUT_STREAM_LEVEL_PREFIX,
81 STDOUT_STREAM_FORWARD_TO_SYSLOG,
82 STDOUT_STREAM_FORWARD_TO_KMSG,
83 STDOUT_STREAM_FORWARD_TO_CONSOLE,
89 StdoutStreamState state;
95 security_context_t security_context;
102 bool forward_to_syslog:1;
103 bool forward_to_kmsg:1;
104 bool forward_to_console:1;
106 char buffer[LINE_MAX+1];
109 LIST_FIELDS(StdoutStream, stdout_stream);
112 static const char* const storage_table[] = {
113 [STORAGE_AUTO] = "auto",
114 [STORAGE_VOLATILE] = "volatile",
115 [STORAGE_PERSISTENT] = "persistent",
116 [STORAGE_NONE] = "none"
119 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
120 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
122 static uint64_t available_space(Server *s) {
127 uint64_t sum = 0, avail = 0, ss_avail = 0;
133 ts = now(CLOCK_MONOTONIC);
135 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
136 return s->cached_available_space;
138 r = sd_id128_get_machine(&machine);
142 if (s->system_journal) {
143 f = "/var/log/journal/";
144 m = &s->system_metrics;
146 f = "/run/log/journal/";
147 m = &s->runtime_metrics;
152 p = strappend(f, sd_id128_to_string(machine, ids));
162 if (fstatvfs(dirfd(d), &ss) < 0)
167 struct dirent buf, *de;
169 r = readdir_r(d, &buf, &de);
176 if (!endswith(de->d_name, ".journal") &&
177 !endswith(de->d_name, ".journal~"))
180 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
183 if (!S_ISREG(st.st_mode))
186 sum += (uint64_t) st.st_blocks * 512UL;
189 avail = sum >= m->max_use ? 0 : m->max_use - sum;
191 ss_avail = ss.f_bsize * ss.f_bavail;
193 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
195 if (ss_avail < avail)
198 s->cached_available_space = avail;
199 s->cached_available_space_timestamp = ts;
207 static void server_read_file_gid(Server *s) {
208 const char *adm = "adm";
213 if (s->file_gid_valid)
216 r = get_group_creds(&adm, &s->file_gid);
218 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
220 /* if we couldn't read the gid, then it will be 0, but that's
221 * fine and we shouldn't try to resolve the group again, so
222 * let's just pretend it worked right-away. */
223 s->file_gid_valid = true;
226 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
231 acl_permset_t permset;
236 server_read_file_gid(s);
238 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
240 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
246 acl = acl_get_fd(f->fd);
248 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
252 r = acl_find_uid(acl, uid, &entry);
255 if (acl_create_entry(&acl, &entry) < 0 ||
256 acl_set_tag_type(entry, ACL_USER) < 0 ||
257 acl_set_qualifier(entry, &uid) < 0) {
258 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
263 if (acl_get_permset(entry, &permset) < 0 ||
264 acl_add_perm(permset, ACL_READ) < 0 ||
265 acl_calc_mask(&acl) < 0) {
266 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
270 if (acl_set_fd(f->fd, acl) < 0)
271 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
278 static JournalFile* find_journal(Server *s, uid_t uid) {
287 /* We split up user logs only on /var, not on /run. If the
288 * runtime file is open, we write to it exclusively, in order
289 * to guarantee proper order as soon as we flush /run to
290 * /var and close the runtime file. */
292 if (s->runtime_journal)
293 return s->runtime_journal;
296 return s->system_journal;
298 r = sd_id128_get_machine(&machine);
300 return s->system_journal;
302 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
306 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
307 return s->system_journal;
309 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
310 /* Too many open? Then let's close one */
311 f = hashmap_steal_first(s->user_journals);
313 journal_file_close(f);
316 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, &s->system_metrics, s->system_journal, &f);
320 return s->system_journal;
322 server_fix_perms(s, f, uid);
324 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
326 journal_file_close(f);
327 return s->system_journal;
333 static void server_rotate(Server *s) {
339 log_info("Rotating...");
341 if (s->runtime_journal) {
342 r = journal_file_rotate(&s->runtime_journal);
344 if (s->runtime_journal)
345 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
347 log_error("Failed to create new runtime journal: %s", strerror(-r));
349 server_fix_perms(s, s->runtime_journal, 0);
352 if (s->system_journal) {
353 r = journal_file_rotate(&s->system_journal);
355 if (s->system_journal)
356 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
358 log_error("Failed to create new system journal: %s", strerror(-r));
361 server_fix_perms(s, s->system_journal, 0);
364 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
365 r = journal_file_rotate(&f);
368 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
370 log_error("Failed to create user journal: %s", strerror(-r));
372 hashmap_replace(s->user_journals, k, f);
373 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
378 static void server_vacuum(Server *s) {
384 log_info("Vacuuming...");
386 r = sd_id128_get_machine(&machine);
388 log_error("Failed to get machine ID: %s", strerror(-r));
392 sd_id128_to_string(machine, ids);
394 if (s->system_journal) {
395 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
400 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
401 if (r < 0 && r != -ENOENT)
402 log_error("Failed to vacuum %s: %s", p, strerror(-r));
406 if (s->runtime_journal) {
407 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
412 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
413 if (r < 0 && r != -ENOENT)
414 log_error("Failed to vacuum %s: %s", p, strerror(-r));
418 s->cached_available_space_timestamp = 0;
421 static char *shortened_cgroup_path(pid_t pid) {
423 char *process_path, *init_path, *path;
427 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
431 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
437 if (endswith(init_path, "/system"))
438 init_path[strlen(init_path) - 7] = 0;
439 else if (streq(init_path, "/"))
442 if (startswith(process_path, init_path)) {
445 p = strdup(process_path + strlen(init_path));
463 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) {
465 bool vacuumed = false;
472 f = find_journal(s, uid);
476 if (journal_file_rotate_suggested(f)) {
477 log_info("Journal header limits reached or header out-of-date, rotating.");
482 f = find_journal(s, uid);
488 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
493 (r != -E2BIG && /* hit limit */
494 r != -EFBIG && /* hit fs limit */
495 r != -EDQUOT && /* quota hit */
496 r != -ENOSPC && /* disk full */
497 r != -EBADMSG && /* corrupted */
498 r != -ENODATA && /* truncated */
499 r != -EHOSTDOWN && /* other machine */
500 r != -EPROTONOSUPPORT && /* unsupported feature */
501 r != -EBUSY && /* unclean shutdown */
502 r != -ESHUTDOWN /* already archived */)) {
503 log_error("Failed to write entry, ignoring: %s", strerror(-r));
507 if (r == -E2BIG || r == -EFBIG || r == EDQUOT || r == ENOSPC)
508 log_info("Allocation limit reached, rotating.");
509 else if (r == -EHOSTDOWN)
510 log_info("Journal file from other machine, rotating.");
511 else if (r == -EBUSY)
512 log_info("Unlcean shutdown, rotating.");
514 log_warning("Journal file corrupted, rotating.");
520 f = find_journal(s, uid);
524 log_info("Retrying write.");
528 static void dispatch_message_real(
530 struct iovec *iovec, unsigned n, unsigned m,
533 const char *label, size_t label_len,
534 const char *unit_id) {
536 char *pid = NULL, *uid = NULL, *gid = NULL,
537 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
538 *comm = NULL, *cmdline = NULL, *hostname = NULL,
539 *audit_session = NULL, *audit_loginuid = NULL,
540 *exe = NULL, *cgroup = NULL, *session = NULL,
541 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
547 uid_t loginuid = 0, realuid = 0;
552 assert(n + N_IOVEC_META_FIELDS <= m);
560 realuid = ucred->uid;
562 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
563 IOVEC_SET_STRING(iovec[n++], pid);
565 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
566 IOVEC_SET_STRING(iovec[n++], uid);
568 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
569 IOVEC_SET_STRING(iovec[n++], gid);
571 r = get_process_comm(ucred->pid, &t);
573 comm = strappend("_COMM=", t);
577 IOVEC_SET_STRING(iovec[n++], comm);
580 r = get_process_exe(ucred->pid, &t);
582 exe = strappend("_EXE=", t);
586 IOVEC_SET_STRING(iovec[n++], exe);
589 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
591 cmdline = strappend("_CMDLINE=", t);
595 IOVEC_SET_STRING(iovec[n++], cmdline);
598 r = audit_session_from_pid(ucred->pid, &audit);
600 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
601 IOVEC_SET_STRING(iovec[n++], audit_session);
603 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
605 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
606 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
608 t = shortened_cgroup_path(ucred->pid);
610 cgroup = strappend("_SYSTEMD_CGROUP=", t);
614 IOVEC_SET_STRING(iovec[n++], cgroup);
618 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
619 session = strappend("_SYSTEMD_SESSION=", t);
623 IOVEC_SET_STRING(iovec[n++], session);
626 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
627 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
628 IOVEC_SET_STRING(iovec[n++], owner_uid);
631 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
632 unit = strappend("_SYSTEMD_UNIT=", t);
635 unit = strappend("_SYSTEMD_UNIT=", unit_id);
638 IOVEC_SET_STRING(iovec[n++], unit);
642 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
643 if (selinux_context) {
644 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
645 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
646 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
647 IOVEC_SET_STRING(iovec[n++], selinux_context);
650 security_context_t con;
652 if (getpidcon(ucred->pid, &con) >= 0) {
653 selinux_context = strappend("_SELINUX_CONTEXT=", con);
655 IOVEC_SET_STRING(iovec[n++], selinux_context);
664 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
665 (unsigned long long) timeval_load(tv)) >= 0)
666 IOVEC_SET_STRING(iovec[n++], source_time);
669 /* Note that strictly speaking storing the boot id here is
670 * redundant since the entry includes this in-line
671 * anyway. However, we need this indexed, too. */
672 r = sd_id128_get_boot(&id);
674 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
675 IOVEC_SET_STRING(iovec[n++], boot_id);
677 r = sd_id128_get_machine(&id);
679 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
680 IOVEC_SET_STRING(iovec[n++], machine_id);
682 t = gethostname_malloc();
684 hostname = strappend("_HOSTNAME=", t);
687 IOVEC_SET_STRING(iovec[n++], hostname);
692 write_to_journal(s, realuid == 0 ? 0 : loginuid, iovec, n);
705 free(audit_loginuid);
710 free(selinux_context);
713 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
714 char mid[11 + 32 + 1];
715 char buffer[16 + LINE_MAX + 1];
716 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
724 IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
725 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
727 memcpy(buffer, "MESSAGE=", 8);
728 va_start(ap, format);
729 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
731 char_array_0(buffer);
732 IOVEC_SET_STRING(iovec[n++], buffer);
734 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
736 IOVEC_SET_STRING(iovec[n++], mid);
739 ucred.pid = getpid();
740 ucred.uid = getuid();
741 ucred.gid = getgid();
743 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
746 static void dispatch_message(Server *s,
747 struct iovec *iovec, unsigned n, unsigned m,
750 const char *label, size_t label_len,
754 char *path = NULL, *c;
757 assert(iovec || n == 0);
762 if (LOG_PRI(priority) > s->max_level_store)
768 path = shortened_cgroup_path(ucred->pid);
772 /* example: /user/lennart/3/foobar
773 * /system/dbus.service/foobar
775 * So let's cut of everything past the third /, since that is
776 * wher user directories start */
778 c = strchr(path, '/');
780 c = strchr(c+1, '/');
782 c = strchr(c+1, '/');
788 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
795 /* Write a suppression message if we suppressed something */
797 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
802 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
805 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
806 struct msghdr msghdr;
807 struct cmsghdr *cmsg;
809 struct cmsghdr cmsghdr;
810 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
812 union sockaddr_union sa;
819 msghdr.msg_iov = (struct iovec*) iovec;
820 msghdr.msg_iovlen = n_iovec;
823 sa.un.sun_family = AF_UNIX;
824 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
825 msghdr.msg_name = &sa;
826 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
830 msghdr.msg_control = &control;
831 msghdr.msg_controllen = sizeof(control);
833 cmsg = CMSG_FIRSTHDR(&msghdr);
834 cmsg->cmsg_level = SOL_SOCKET;
835 cmsg->cmsg_type = SCM_CREDENTIALS;
836 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
837 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
838 msghdr.msg_controllen = cmsg->cmsg_len;
841 /* Forward the syslog message we received via /dev/log to
842 * /run/systemd/syslog. Unfortunately we currently can't set
843 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
845 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
848 /* The socket is full? I guess the syslog implementation is
849 * too slow, and we shouldn't wait for that... */
853 if (ucred && errno == ESRCH) {
856 /* Hmm, presumably the sender process vanished
857 * by now, so let's fix it as good as we
862 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
864 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
872 log_debug("Failed to forward syslog message: %m");
875 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
881 if (LOG_PRI(priority) > s->max_level_syslog)
884 IOVEC_SET_STRING(iovec, buffer);
885 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
888 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
889 struct iovec iovec[5];
890 char header_priority[6], header_time[64], header_pid[16];
894 char *ident_buf = NULL;
897 assert(priority >= 0);
898 assert(priority <= 999);
901 if (LOG_PRI(priority) > s->max_level_syslog)
904 /* First: priority field */
905 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
906 char_array_0(header_priority);
907 IOVEC_SET_STRING(iovec[n++], header_priority);
909 /* Second: timestamp */
910 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
914 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
916 IOVEC_SET_STRING(iovec[n++], header_time);
918 /* Third: identifier and PID */
921 get_process_comm(ucred->pid, &ident_buf);
922 identifier = ident_buf;
925 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
926 char_array_0(header_pid);
929 IOVEC_SET_STRING(iovec[n++], identifier);
931 IOVEC_SET_STRING(iovec[n++], header_pid);
932 } else if (identifier) {
933 IOVEC_SET_STRING(iovec[n++], identifier);
934 IOVEC_SET_STRING(iovec[n++], ": ");
937 /* Fourth: message */
938 IOVEC_SET_STRING(iovec[n++], message);
940 forward_syslog_iovec(s, iovec, n, ucred, tv);
945 static int fixup_priority(int priority) {
947 if ((priority & LOG_FACMASK) == 0)
948 return (priority & LOG_PRIMASK) | LOG_USER;
953 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
954 struct iovec iovec[5];
955 char header_priority[6], header_pid[16];
957 char *ident_buf = NULL;
961 assert(priority >= 0);
962 assert(priority <= 999);
965 if (LOG_PRI(priority) > s->max_level_kmsg)
968 /* Never allow messages with kernel facility to be written to
969 * kmsg, regardless where the data comes from. */
970 priority = fixup_priority(priority);
972 /* First: priority field */
973 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
974 char_array_0(header_priority);
975 IOVEC_SET_STRING(iovec[n++], header_priority);
977 /* Second: identifier and PID */
980 get_process_comm(ucred->pid, &ident_buf);
981 identifier = ident_buf;
984 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
985 char_array_0(header_pid);
988 IOVEC_SET_STRING(iovec[n++], identifier);
990 IOVEC_SET_STRING(iovec[n++], header_pid);
991 } else if (identifier) {
992 IOVEC_SET_STRING(iovec[n++], identifier);
993 IOVEC_SET_STRING(iovec[n++], ": ");
996 /* Fourth: message */
997 IOVEC_SET_STRING(iovec[n++], message);
998 IOVEC_SET_STRING(iovec[n++], "\n");
1000 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
1002 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
1006 if (writev(fd, iovec, n) < 0)
1007 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
1009 close_nointr_nofail(fd);
1015 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
1016 struct iovec iovec[4];
1017 char header_pid[16];
1019 char *ident_buf = NULL;
1025 if (LOG_PRI(priority) > s->max_level_console)
1028 /* First: identifier and PID */
1031 get_process_comm(ucred->pid, &ident_buf);
1032 identifier = ident_buf;
1035 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
1036 char_array_0(header_pid);
1039 IOVEC_SET_STRING(iovec[n++], identifier);
1041 IOVEC_SET_STRING(iovec[n++], header_pid);
1042 } else if (identifier) {
1043 IOVEC_SET_STRING(iovec[n++], identifier);
1044 IOVEC_SET_STRING(iovec[n++], ": ");
1047 /* Third: message */
1048 IOVEC_SET_STRING(iovec[n++], message);
1049 IOVEC_SET_STRING(iovec[n++], "\n");
1051 tty = s->tty_path ? s->tty_path : "/dev/console";
1053 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1055 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1059 if (writev(fd, iovec, n) < 0)
1060 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1062 close_nointr_nofail(fd);
1068 static void read_identifier(const char **buf, char **identifier, char **pid) {
1079 p += strspn(p, WHITESPACE);
1080 l = strcspn(p, WHITESPACE);
1089 if (p[l-1] == ']') {
1095 t = strndup(p+k+1, l-k-2);
1115 *buf += strspn(*buf, WHITESPACE);
1118 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1119 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1120 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1122 int priority = LOG_USER | LOG_INFO;
1123 char *identifier = NULL, *pid = NULL;
1130 parse_syslog_priority((char**) &buf, &priority);
1132 if (s->forward_to_syslog)
1133 forward_syslog_raw(s, priority, orig, ucred, tv);
1135 skip_syslog_date((char**) &buf);
1136 read_identifier(&buf, &identifier, &pid);
1138 if (s->forward_to_kmsg)
1139 forward_kmsg(s, priority, identifier, buf, ucred);
1141 if (s->forward_to_console)
1142 forward_console(s, priority, identifier, buf, ucred);
1144 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1146 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1147 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1149 if (priority & LOG_FACMASK)
1150 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1151 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1154 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1155 if (syslog_identifier)
1156 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1160 syslog_pid = strappend("SYSLOG_PID=", pid);
1162 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1165 message = strappend("MESSAGE=", buf);
1167 IOVEC_SET_STRING(iovec[n++], message);
1169 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority);
1174 free(syslog_priority);
1175 free(syslog_facility);
1176 free(syslog_identifier);
1180 static bool valid_user_field(const char *p, size_t l) {
1183 /* We kinda enforce POSIX syntax recommendations for
1184 environment variables here, but make a couple of additional
1187 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1189 /* No empty field names */
1193 /* Don't allow names longer than 64 chars */
1197 /* Variables starting with an underscore are protected */
1201 /* Don't allow digits as first character */
1202 if (p[0] >= '0' && p[0] <= '9')
1205 /* Only allow A-Z0-9 and '_' */
1206 for (a = p; a < p + l; a++)
1207 if (!((*a >= 'A' && *a <= 'Z') ||
1208 (*a >= '0' && *a <= '9') ||
1215 static void process_native_message(
1217 const void *buffer, size_t buffer_size,
1218 struct ucred *ucred,
1220 const char *label, size_t label_len) {
1222 struct iovec *iovec = NULL;
1223 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1226 int priority = LOG_INFO;
1227 char *identifier = NULL, *message = NULL;
1230 assert(buffer || buffer_size == 0);
1233 remaining = buffer_size;
1235 while (remaining > 0) {
1238 e = memchr(p, '\n', remaining);
1241 /* Trailing noise, let's ignore it, and flush what we collected */
1242 log_debug("Received message with trailing noise, ignoring.");
1247 /* Entry separator */
1248 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1250 priority = LOG_INFO;
1257 if (*p == '.' || *p == '#') {
1258 /* Ignore control commands for now, and
1260 remaining -= (e - p) + 1;
1265 /* A property follows */
1267 if (n+N_IOVEC_META_FIELDS >= m) {
1271 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1272 c = realloc(iovec, u * sizeof(struct iovec));
1282 q = memchr(p, '=', e - p);
1284 if (valid_user_field(p, q - p)) {
1289 /* If the field name starts with an
1290 * underscore, skip the variable,
1291 * since that indidates a trusted
1293 iovec[n].iov_base = (char*) p;
1294 iovec[n].iov_len = l;
1297 /* We need to determine the priority
1298 * of this entry for the rate limiting
1301 memcmp(p, "PRIORITY=", 9) == 0 &&
1302 p[9] >= '0' && p[9] <= '9')
1303 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1306 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1307 p[16] >= '0' && p[16] <= '9')
1308 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1311 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1312 p[16] >= '0' && p[16] <= '9' &&
1313 p[17] >= '0' && p[17] <= '9')
1314 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1317 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1320 t = strndup(p + 18, l - 18);
1325 } else if (l >= 8 &&
1326 memcmp(p, "MESSAGE=", 8) == 0) {
1329 t = strndup(p + 8, l - 8);
1337 remaining -= (e - p) + 1;
1345 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1346 log_debug("Failed to parse message, ignoring.");
1350 memcpy(&l_le, e + 1, sizeof(uint64_t));
1353 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1354 e[1+sizeof(uint64_t)+l] != '\n') {
1355 log_debug("Failed to parse message, ignoring.");
1359 k = malloc((e - p) + 1 + l);
1365 memcpy(k, p, e - p);
1367 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1369 if (valid_user_field(p, e - p)) {
1370 iovec[n].iov_base = k;
1371 iovec[n].iov_len = (e - p) + 1 + l;
1376 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1377 p = e + 1 + sizeof(uint64_t) + l + 1;
1385 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1388 if (s->forward_to_syslog)
1389 forward_syslog(s, priority, identifier, message, ucred, tv);
1391 if (s->forward_to_kmsg)
1392 forward_kmsg(s, priority, identifier, message, ucred);
1394 if (s->forward_to_console)
1395 forward_console(s, priority, identifier, message, ucred);
1398 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1401 for (j = 0; j < n; j++) {
1405 if (iovec[j].iov_base < buffer ||
1406 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1407 free(iovec[j].iov_base);
1415 static void process_native_file(
1418 struct ucred *ucred,
1420 const char *label, size_t label_len) {
1429 /* Data is in the passed file, since it didn't fit in a
1430 * datagram. We can't map the file here, since clients might
1431 * then truncate it and trigger a SIGBUS for us. So let's
1432 * stupidly read it */
1434 if (fstat(fd, &st) < 0) {
1435 log_error("Failed to stat passed file, ignoring: %m");
1439 if (!S_ISREG(st.st_mode)) {
1440 log_error("File passed is not regular. Ignoring.");
1444 if (st.st_size <= 0)
1447 if (st.st_size > ENTRY_SIZE_MAX) {
1448 log_error("File passed too large. Ignoring.");
1452 p = malloc(st.st_size);
1458 n = pread(fd, p, st.st_size, 0);
1460 log_error("Failed to read file, ignoring: %s", strerror(-n));
1462 process_native_message(s, p, n, ucred, tv, label, label_len);
1467 static int stdout_stream_log(StdoutStream *s, const char *p) {
1468 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1469 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1473 size_t label_len = 0;
1481 priority = s->priority;
1483 if (s->level_prefix)
1484 parse_syslog_priority((char**) &p, &priority);
1486 if (s->forward_to_syslog || s->server->forward_to_syslog)
1487 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1489 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1490 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1492 if (s->forward_to_console || s->server->forward_to_console)
1493 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1495 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1497 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1498 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1500 if (priority & LOG_FACMASK)
1501 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1502 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1504 if (s->identifier) {
1505 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1506 if (syslog_identifier)
1507 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1510 message = strappend("MESSAGE=", p);
1512 IOVEC_SET_STRING(iovec[n++], message);
1515 if (s->security_context) {
1516 label = (char*) s->security_context;
1517 label_len = strlen((char*) s->security_context);
1521 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority);
1524 free(syslog_priority);
1525 free(syslog_facility);
1526 free(syslog_identifier);
1531 static int stdout_stream_line(StdoutStream *s, char *p) {
1541 case STDOUT_STREAM_IDENTIFIER:
1543 s->identifier = NULL;
1545 s->identifier = strdup(p);
1550 s->state = STDOUT_STREAM_UNIT_ID;
1553 case STDOUT_STREAM_UNIT_ID:
1554 if (s->ucred.uid == 0) {
1558 s->unit_id = strdup(p);
1564 s->state = STDOUT_STREAM_PRIORITY;
1567 case STDOUT_STREAM_PRIORITY:
1568 r = safe_atoi(p, &s->priority);
1569 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1570 log_warning("Failed to parse log priority line.");
1574 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1577 case STDOUT_STREAM_LEVEL_PREFIX:
1578 r = parse_boolean(p);
1580 log_warning("Failed to parse level prefix line.");
1584 s->level_prefix = !!r;
1585 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1588 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1589 r = parse_boolean(p);
1591 log_warning("Failed to parse forward to syslog line.");
1595 s->forward_to_syslog = !!r;
1596 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1599 case STDOUT_STREAM_FORWARD_TO_KMSG:
1600 r = parse_boolean(p);
1602 log_warning("Failed to parse copy to kmsg line.");
1606 s->forward_to_kmsg = !!r;
1607 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1610 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1611 r = parse_boolean(p);
1613 log_warning("Failed to parse copy to console line.");
1617 s->forward_to_console = !!r;
1618 s->state = STDOUT_STREAM_RUNNING;
1621 case STDOUT_STREAM_RUNNING:
1622 return stdout_stream_log(s, p);
1625 assert_not_reached("Unknown stream state");
1628 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1636 remaining = s->length;
1641 end = memchr(p, '\n', remaining);
1644 else if (remaining >= sizeof(s->buffer) - 1) {
1645 end = p + sizeof(s->buffer) - 1;
1652 r = stdout_stream_line(s, p);
1660 if (force_flush && remaining > 0) {
1662 r = stdout_stream_line(s, p);
1670 if (p > s->buffer) {
1671 memmove(s->buffer, p, remaining);
1672 s->length = remaining;
1678 static int stdout_stream_process(StdoutStream *s) {
1684 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1687 if (errno == EAGAIN)
1690 log_warning("Failed to read from stream: %m");
1695 r = stdout_stream_scan(s, true);
1703 r = stdout_stream_scan(s, false);
1711 static void stdout_stream_free(StdoutStream *s) {
1715 assert(s->server->n_stdout_streams > 0);
1716 s->server->n_stdout_streams --;
1717 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1722 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1724 close_nointr_nofail(s->fd);
1728 if (s->security_context)
1729 freecon(s->security_context);
1732 free(s->identifier);
1736 static int stdout_stream_new(Server *s) {
1737 StdoutStream *stream;
1740 struct epoll_event ev;
1744 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1746 if (errno == EAGAIN)
1749 log_error("Failed to accept stdout connection: %m");
1753 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1754 log_warning("Too many stdout streams, refusing connection.");
1755 close_nointr_nofail(fd);
1759 stream = new0(StdoutStream, 1);
1761 close_nointr_nofail(fd);
1767 len = sizeof(stream->ucred);
1768 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1769 log_error("Failed to determine peer credentials: %m");
1775 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1776 log_error("Failed to determine peer security context: %m");
1779 if (shutdown(fd, SHUT_WR) < 0) {
1780 log_error("Failed to shutdown writing side of socket: %m");
1786 ev.data.ptr = stream;
1787 ev.events = EPOLLIN;
1788 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1789 log_error("Failed to add stream to event loop: %m");
1795 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1796 s->n_stdout_streams ++;
1801 stdout_stream_free(stream);
1805 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1816 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1821 for (i = 1; i <= 5; i++) {
1827 k = undecchar(p[i]);
1834 for (i = 7; i <= 12; i++) {
1837 k = undecchar(p[i]);
1846 *_p += strspn(*_p, WHITESPACE);
1851 static bool is_us(const char *pid) {
1856 if (parse_pid(pid, &t) < 0)
1859 return t == getpid();
1862 static void proc_kmsg_line(Server *s, const char *p) {
1863 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1864 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1865 int priority = LOG_KERN | LOG_INFO;
1868 char *identifier = NULL, *pid = NULL;
1876 parse_syslog_priority((char **) &p, &priority);
1878 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1881 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1882 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1883 (unsigned long long) usec) >= 0)
1884 IOVEC_SET_STRING(iovec[n++], source_time);
1887 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1889 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1890 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1892 if ((priority & LOG_FACMASK) == LOG_KERN) {
1894 if (s->forward_to_syslog)
1895 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1897 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1899 read_identifier(&p, &identifier, &pid);
1901 /* Avoid any messages we generated ourselves via
1902 * log_info() and friends. */
1903 if (pid && is_us(pid))
1906 if (s->forward_to_syslog)
1907 forward_syslog(s, priority, identifier, p, NULL, NULL);
1910 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1911 if (syslog_identifier)
1912 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1916 syslog_pid = strappend("SYSLOG_PID=", pid);
1918 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1921 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1922 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1925 message = strappend("MESSAGE=", p);
1927 IOVEC_SET_STRING(iovec[n++], message);
1929 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, NULL, priority);
1933 free(syslog_priority);
1934 free(syslog_identifier);
1936 free(syslog_facility);
1942 static void proc_kmsg_scan(Server *s) {
1948 p = s->proc_kmsg_buffer;
1949 remaining = s->proc_kmsg_length;
1954 end = memchr(p, '\n', remaining);
1957 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1958 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1965 proc_kmsg_line(s, p);
1971 if (p > s->proc_kmsg_buffer) {
1972 memmove(s->proc_kmsg_buffer, p, remaining);
1973 s->proc_kmsg_length = remaining;
1977 static int system_journal_open(Server *s) {
1983 r = sd_id128_get_machine(&machine);
1987 sd_id128_to_string(machine, ids);
1989 if (!s->system_journal &&
1990 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
1991 access("/run/systemd/journal/flushed", F_OK) >= 0) {
1993 /* If in auto mode: first try to create the machine
1994 * path, but not the prefix.
1996 * If in persistent mode: create /var/log/journal and
1997 * the machine path */
1999 if (s->storage == STORAGE_PERSISTENT)
2000 (void) mkdir("/var/log/journal/", 0755);
2002 fn = strappend("/var/log/journal/", ids);
2006 (void) mkdir(fn, 0755);
2009 fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL);
2013 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, &s->system_metrics, NULL, &s->system_journal);
2017 s->system_journal->compress = s->compress;
2019 server_fix_perms(s, s->system_journal, 0);
2022 if (r != -ENOENT && r != -EROFS)
2023 log_warning("Failed to open system journal: %s", strerror(-r));
2029 if (!s->runtime_journal &&
2030 (s->storage != STORAGE_NONE)) {
2032 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
2036 if (s->system_journal) {
2038 /* Try to open the runtime journal, but only
2039 * if it already exists, so that we can flush
2040 * it into the system journal */
2042 r = journal_file_open(fn, O_RDWR, 0640, &s->runtime_metrics, NULL, &s->runtime_journal);
2047 log_warning("Failed to open runtime journal: %s", strerror(-r));
2054 /* OK, we really need the runtime journal, so create
2055 * it if necessary. */
2057 (void) mkdir_parents(fn, 0755);
2058 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, &s->runtime_metrics, NULL, &s->runtime_journal);
2062 log_error("Failed to open runtime journal: %s", strerror(-r));
2067 if (s->runtime_journal) {
2068 s->runtime_journal->compress = s->compress;
2070 server_fix_perms(s, s->runtime_journal, 0);
2077 static int server_flush_to_var(Server *s) {
2085 if (s->storage != STORAGE_AUTO &&
2086 s->storage != STORAGE_PERSISTENT)
2089 if (!s->runtime_journal)
2092 system_journal_open(s);
2094 if (!s->system_journal)
2097 log_info("Flushing to /var...");
2099 r = sd_id128_get_machine(&machine);
2101 log_error("Failed to get machine id: %s", strerror(-r));
2105 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2107 log_error("Failed to read runtime journal: %s", strerror(-r));
2111 SD_JOURNAL_FOREACH(j) {
2114 f = j->current_file;
2115 assert(f && f->current_offset > 0);
2117 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2119 log_error("Can't read entry: %s", strerror(-r));
2123 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2125 log_info("Allocation limit reached.");
2127 journal_file_post_change(s->system_journal);
2131 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2135 log_error("Can't write entry: %s", strerror(-r));
2141 journal_file_post_change(s->system_journal);
2143 journal_file_close(s->runtime_journal);
2144 s->runtime_journal = NULL;
2147 rm_rf("/run/log/journal", false, true, false);
2152 static int server_read_proc_kmsg(Server *s) {
2155 assert(s->proc_kmsg_fd >= 0);
2157 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2158 if (l == 0) /* the kernel is stupid and in some race
2159 * conditions returns 0 in the middle of the
2164 if (errno == EAGAIN || errno == EINTR)
2167 log_error("Failed to read from kernel: %m");
2171 s->proc_kmsg_length += l;
2177 static int server_flush_proc_kmsg(Server *s) {
2182 if (s->proc_kmsg_fd < 0)
2185 log_info("Flushing /proc/kmsg...");
2188 r = server_read_proc_kmsg(s);
2199 static int process_event(Server *s, struct epoll_event *ev) {
2203 if (ev->data.fd == s->signal_fd) {
2204 struct signalfd_siginfo sfsi;
2207 if (ev->events != EPOLLIN) {
2208 log_info("Got invalid event from epoll.");
2212 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2213 if (n != sizeof(sfsi)) {
2218 if (errno == EINTR || errno == EAGAIN)
2224 log_info("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2226 if (sfsi.ssi_signo == SIGUSR1) {
2227 touch("/run/systemd/journal/flushed");
2228 server_flush_to_var(s);
2232 if (sfsi.ssi_signo == SIGUSR2) {
2240 } else if (ev->data.fd == s->proc_kmsg_fd) {
2243 if (ev->events != EPOLLIN) {
2244 log_info("Got invalid event from epoll.");
2248 r = server_read_proc_kmsg(s);
2254 } else if (ev->data.fd == s->native_fd ||
2255 ev->data.fd == s->syslog_fd) {
2257 if (ev->events != EPOLLIN) {
2258 log_info("Got invalid event from epoll.");
2263 struct msghdr msghdr;
2265 struct ucred *ucred = NULL;
2266 struct timeval *tv = NULL;
2267 struct cmsghdr *cmsg;
2269 size_t label_len = 0;
2271 struct cmsghdr cmsghdr;
2273 /* We use NAME_MAX space for the
2274 * SELinux label here. The kernel
2275 * currently enforces no limit, but
2276 * according to suggestions from the
2277 * SELinux people this will change and
2278 * it will probably be identical to
2279 * NAME_MAX. For now we use that, but
2280 * this should be updated one day when
2281 * the final limit is known.*/
2282 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2283 CMSG_SPACE(sizeof(struct timeval)) +
2284 CMSG_SPACE(sizeof(int)) + /* fd */
2285 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2292 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2293 log_error("SIOCINQ failed: %m");
2297 if (s->buffer_size < (size_t) v) {
2301 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2302 b = realloc(s->buffer, l+1);
2305 log_error("Couldn't increase buffer.");
2314 iovec.iov_base = s->buffer;
2315 iovec.iov_len = s->buffer_size;
2319 msghdr.msg_iov = &iovec;
2320 msghdr.msg_iovlen = 1;
2321 msghdr.msg_control = &control;
2322 msghdr.msg_controllen = sizeof(control);
2324 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2327 if (errno == EINTR || errno == EAGAIN)
2330 log_error("recvmsg() failed: %m");
2334 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2336 if (cmsg->cmsg_level == SOL_SOCKET &&
2337 cmsg->cmsg_type == SCM_CREDENTIALS &&
2338 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2339 ucred = (struct ucred*) CMSG_DATA(cmsg);
2340 else if (cmsg->cmsg_level == SOL_SOCKET &&
2341 cmsg->cmsg_type == SCM_SECURITY) {
2342 label = (char*) CMSG_DATA(cmsg);
2343 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2344 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2345 cmsg->cmsg_type == SO_TIMESTAMP &&
2346 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2347 tv = (struct timeval*) CMSG_DATA(cmsg);
2348 else if (cmsg->cmsg_level == SOL_SOCKET &&
2349 cmsg->cmsg_type == SCM_RIGHTS) {
2350 fds = (int*) CMSG_DATA(cmsg);
2351 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2355 if (ev->data.fd == s->syslog_fd) {
2358 if (n > 0 && n_fds == 0) {
2359 e = memchr(s->buffer, '\n', n);
2365 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2366 } else if (n_fds > 0)
2367 log_warning("Got file descriptors via syslog socket. Ignoring.");
2370 if (n > 0 && n_fds == 0)
2371 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2372 else if (n == 0 && n_fds == 1)
2373 process_native_file(s, fds[0], ucred, tv, label, label_len);
2375 log_warning("Got too many file descriptors via native socket. Ignoring.");
2378 close_many(fds, n_fds);
2383 } else if (ev->data.fd == s->stdout_fd) {
2385 if (ev->events != EPOLLIN) {
2386 log_info("Got invalid event from epoll.");
2390 stdout_stream_new(s);
2394 StdoutStream *stream;
2396 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2397 log_info("Got invalid event from epoll.");
2401 /* If it is none of the well-known fds, it must be an
2402 * stdout stream fd. Note that this is a bit ugly here
2403 * (since we rely that none of the well-known fds
2404 * could be interpreted as pointer), but nonetheless
2405 * safe, since the well-known fds would never get an
2406 * fd > 4096, i.e. beyond the first memory page */
2408 stream = ev->data.ptr;
2410 if (stdout_stream_process(stream) <= 0)
2411 stdout_stream_free(stream);
2416 log_error("Unknown event.");
2420 static int open_syslog_socket(Server *s) {
2421 union sockaddr_union sa;
2423 struct epoll_event ev;
2427 if (s->syslog_fd < 0) {
2429 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2430 if (s->syslog_fd < 0) {
2431 log_error("socket() failed: %m");
2436 sa.un.sun_family = AF_UNIX;
2437 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2439 unlink(sa.un.sun_path);
2441 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2443 log_error("bind() failed: %m");
2447 chmod(sa.un.sun_path, 0666);
2449 fd_nonblock(s->syslog_fd, 1);
2452 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2454 log_error("SO_PASSCRED failed: %m");
2460 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2462 log_warning("SO_PASSSEC failed: %m");
2466 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2468 log_error("SO_TIMESTAMP failed: %m");
2473 ev.events = EPOLLIN;
2474 ev.data.fd = s->syslog_fd;
2475 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2476 log_error("Failed to add syslog server fd to epoll object: %m");
2483 static int open_native_socket(Server*s) {
2484 union sockaddr_union sa;
2486 struct epoll_event ev;
2490 if (s->native_fd < 0) {
2492 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2493 if (s->native_fd < 0) {
2494 log_error("socket() failed: %m");
2499 sa.un.sun_family = AF_UNIX;
2500 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2502 unlink(sa.un.sun_path);
2504 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2506 log_error("bind() failed: %m");
2510 chmod(sa.un.sun_path, 0666);
2512 fd_nonblock(s->native_fd, 1);
2515 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2517 log_error("SO_PASSCRED failed: %m");
2523 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2525 log_warning("SO_PASSSEC failed: %m");
2529 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2531 log_error("SO_TIMESTAMP failed: %m");
2536 ev.events = EPOLLIN;
2537 ev.data.fd = s->native_fd;
2538 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2539 log_error("Failed to add native server fd to epoll object: %m");
2546 static int open_stdout_socket(Server *s) {
2547 union sockaddr_union sa;
2549 struct epoll_event ev;
2553 if (s->stdout_fd < 0) {
2555 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2556 if (s->stdout_fd < 0) {
2557 log_error("socket() failed: %m");
2562 sa.un.sun_family = AF_UNIX;
2563 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2565 unlink(sa.un.sun_path);
2567 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2569 log_error("bind() failed: %m");
2573 chmod(sa.un.sun_path, 0666);
2575 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2576 log_error("liste() failed: %m");
2580 fd_nonblock(s->stdout_fd, 1);
2583 ev.events = EPOLLIN;
2584 ev.data.fd = s->stdout_fd;
2585 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2586 log_error("Failed to add stdout server fd to epoll object: %m");
2593 static int open_proc_kmsg(Server *s) {
2594 struct epoll_event ev;
2598 if (!s->import_proc_kmsg)
2601 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2602 if (s->proc_kmsg_fd < 0) {
2603 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2608 ev.events = EPOLLIN;
2609 ev.data.fd = s->proc_kmsg_fd;
2610 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2611 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2618 static int open_signalfd(Server *s) {
2620 struct epoll_event ev;
2624 assert_se(sigemptyset(&mask) == 0);
2625 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
2626 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2628 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2629 if (s->signal_fd < 0) {
2630 log_error("signalfd(): %m");
2635 ev.events = EPOLLIN;
2636 ev.data.fd = s->signal_fd;
2638 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2639 log_error("epoll_ctl(): %m");
2646 static int server_parse_proc_cmdline(Server *s) {
2647 char *line, *w, *state;
2651 if (detect_container(NULL) > 0)
2654 r = read_one_line_file("/proc/cmdline", &line);
2656 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2660 FOREACH_WORD_QUOTED(w, l, line, state) {
2663 word = strndup(w, l);
2669 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
2670 r = parse_boolean(word + 35);
2672 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2674 s->forward_to_syslog = r;
2675 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
2676 r = parse_boolean(word + 33);
2678 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2680 s->forward_to_kmsg = r;
2681 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
2682 r = parse_boolean(word + 36);
2684 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2686 s->forward_to_console = r;
2687 } else if (startswith(word, "systemd.journald"))
2688 log_warning("Invalid systemd.journald parameter. Ignoring.");
2700 static int server_parse_config_file(Server *s) {
2707 fn = "/etc/systemd/journald.conf";
2708 f = fopen(fn, "re");
2710 if (errno == ENOENT)
2713 log_warning("Failed to open configuration file %s: %m", fn);
2717 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2719 log_warning("Failed to parse configuration file: %s", strerror(-r));
2726 static int server_init(Server *s) {
2732 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2735 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2736 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2738 s->forward_to_syslog = true;
2740 s->max_level_store = LOG_DEBUG;
2741 s->max_level_syslog = LOG_DEBUG;
2742 s->max_level_kmsg = LOG_NOTICE;
2743 s->max_level_console = LOG_INFO;
2745 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2746 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2748 server_parse_config_file(s);
2749 server_parse_proc_cmdline(s);
2751 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2752 if (!s->user_journals)
2755 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2756 if (s->epoll_fd < 0) {
2757 log_error("Failed to create epoll object: %m");
2761 n = sd_listen_fds(true);
2763 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2767 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2769 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2771 if (s->native_fd >= 0) {
2772 log_error("Too many native sockets passed.");
2778 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2780 if (s->stdout_fd >= 0) {
2781 log_error("Too many stdout sockets passed.");
2787 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2789 if (s->syslog_fd >= 0) {
2790 log_error("Too many /dev/log sockets passed.");
2797 log_error("Unknown socket passed.");
2802 r = open_syslog_socket(s);
2806 r = open_native_socket(s);
2810 r = open_stdout_socket(s);
2814 r = open_proc_kmsg(s);
2818 r = open_signalfd(s);
2822 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2826 r = system_journal_open(s);
2833 static void server_done(Server *s) {
2837 while (s->stdout_streams)
2838 stdout_stream_free(s->stdout_streams);
2840 if (s->system_journal)
2841 journal_file_close(s->system_journal);
2843 if (s->runtime_journal)
2844 journal_file_close(s->runtime_journal);
2846 while ((f = hashmap_steal_first(s->user_journals)))
2847 journal_file_close(f);
2849 hashmap_free(s->user_journals);
2851 if (s->epoll_fd >= 0)
2852 close_nointr_nofail(s->epoll_fd);
2854 if (s->signal_fd >= 0)
2855 close_nointr_nofail(s->signal_fd);
2857 if (s->syslog_fd >= 0)
2858 close_nointr_nofail(s->syslog_fd);
2860 if (s->native_fd >= 0)
2861 close_nointr_nofail(s->native_fd);
2863 if (s->stdout_fd >= 0)
2864 close_nointr_nofail(s->stdout_fd);
2866 if (s->proc_kmsg_fd >= 0)
2867 close_nointr_nofail(s->proc_kmsg_fd);
2870 journal_rate_limit_free(s->rate_limit);
2876 int main(int argc, char *argv[]) {
2880 /* if (getppid() != 1) { */
2881 /* log_error("This program should be invoked by init only."); */
2882 /* return EXIT_FAILURE; */
2886 log_error("This program does not take arguments.");
2887 return EXIT_FAILURE;
2890 log_set_target(LOG_TARGET_SAFE);
2891 log_set_facility(LOG_SYSLOG);
2892 log_parse_environment();
2897 r = server_init(&server);
2901 server_vacuum(&server);
2902 server_flush_to_var(&server);
2903 server_flush_proc_kmsg(&server);
2905 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2906 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2910 "STATUS=Processing requests...");
2913 struct epoll_event event;
2915 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2921 log_error("epoll_wait() failed: %m");
2927 r = process_event(&server, &event);
2934 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2935 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2939 "STATUS=Shutting down...");
2941 server_done(&server);
2943 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;